WKD

By chimo on Feb. 4, 2025 (updated on Feb. 5, 2025)

I recently re-learned about Web Key Service (WKS) and Web Key Directory (WKD). I opted to host a static version of WKD, which is essentially just placing text files in a specific directory.

As a result, clients that support WKD should be able to discover my PGP keys without relying on third-party repositories (i.e.: key servers and the like).

The GnuPG wiki links to pretty good howtos so I’ll just jot down a couple of commands:

# Get WKD hash
chimo@xps:~$ gpg --with-wkd-hash --list-public-keys chimo@chromic.org
pub   ed25519 2024-01-03 [SC]
      B6D839223B9FB62CCA8DCA3E54D3DB5A1FAE3486
uid           [ultimate] chimo (code.chromic.org) 
              jsduf8j3xfwmgm1ck85gzngryqq4fzto@chromic.org
sub   cv25519 2024-01-03 [E]
# Create public key file
chimo@xps:~$ gpg --export --armor chimo@chromic.org > jsduf8j3xfwmgm1ck85gzngryqq4fzto

Take the resulting file and make it accessible at openpgpkey.chromic.org/.well-known/openpgpkey/chromic.org/hu/jsduf8j3xfwmgm1ck85gzngryqq4fzto